US20100161959A1 - Method and apparatus for extending transport layer security protocol for power-efficient wireless security processing - Google Patents
Method and apparatus for extending transport layer security protocol for power-efficient wireless security processing Download PDFInfo
- Publication number
- US20100161959A1 US20100161959A1 US12/343,119 US34311908A US2010161959A1 US 20100161959 A1 US20100161959 A1 US 20100161959A1 US 34311908 A US34311908 A US 34311908A US 2010161959 A1 US2010161959 A1 US 2010161959A1
- Authority
- US
- United States
- Prior art keywords
- security
- layer
- networking
- tls
- wireless
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/166—Implementing security features at a particular protocol layer at the transport layer
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/162—Implementing security features at a particular protocol layer at the data link layer
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/03—Protecting confidentiality, e.g. by encryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W92/00—Interfaces specially adapted for wireless communication networks
- H04W92/04—Interfaces between hierarchically different network devices
- H04W92/10—Interfaces between hierarchically different network devices between terminal device and access point, i.e. wireless air interface
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/70—Reducing energy consumption in communication networks in wireless communication networks
Definitions
- Embodiments of the invention relate to apparatus, system and method for improved encryption processing in wireless communication devices.
- Wireless access points such as WiFi hotspots provide pubic WLAN access in many locations such as airports, hotels, coffee shops, etc., providing networking access (e.g., internet access) to wireless clients.
- the wireless client may implement security measures such as encryption, which are used to prevent problems such as unauthorized access, eavesdropping, or spoofing of authorized users.
- the security measures may be implemented as security protocols at a networking layer, and/or security processing at a physical layer.
- the wireless client device may have more than one processor performing encryption processing.
- the embodiments of the invention relate to improved methodology of implementing security processing within a wireless client.
- FIG. 1 shows a TLS session negotiating wireless cryptographic ciphers
- FIG. 2 shows an architecture for efficient security processing packet flow for link-layer wireless and TLS communication
- FIG. 3 shows additions to TLS standard protocol flow for negotiating layer-2 wireless security algorithms
- FIG. 4 shows a TLS protocol message formats, modified to support embodiments of the present invention.
- WiFi refers to wireless communication technology usable by both mobile and fixed communication devices.
- Mobile wireless technology may be specified in IEEE Standard 802.11, “Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) specifications” and amendments thereto (hereinafter “IEEE 802.11” or “802.11”).
- IEEE 802.11 The purpose of IEEE 802.11 is to provide wireless connectivity to automatic machinery, equipment, or stations that require rapid deployment, which may be portable or hand-held, or which may be mounted on moving vehicles within a local area. This standard also offers regulatory bodies a means of standardizing access to one or more frequency bands for the purpose of local area communication.
- Security mechanisms for wireless networks may be specified in IEEE 802.11i, an amendment to the original IEEE 802.11 standard, now incorporated into the published IEEE 802.11-2007 standard.
- IEEE 802.11r-2008 or fast Basic Service Set (BSS) transition
- BSS Basic Service Set
- IEEE 802.11r-2008 is an amendment to the IEEE 802.11 standard to permit continuous connectivity aboard wireless devices in motion, with fast and secure handoffs from one base station to another managed in a seamless manner.
- IEEE 802.11r redefines the security key negotiation protocol, allowing both the negotiation and requests for wireless resources.
- IEEE 802.11 Amendment 7, “Interworking with External Networks” may be referred to as “IEEE 802.11u” or “802.11u.”
- IEEE 802.11u specifies enhancements to 802.11 that support WLAN Interworking with External Networks, facilitating higher layer functionalities.
- IEEE 802.11u improves information transfer from external networks, aiding network selection, and enabling emergency services.
- Wireless technology used by fixed wireless communication devices may be specified in IEEE Standard 802.16, “Air Interface for Fixed Broadband Wireless Systems” and amendments thereto (hereinafter “IEEE 802.16” or “802.16”). It will be understood as used herein that “wireless,” “wireless technology,” and similar terms may refer to either 802.11 or 802.16 unless expressly limited otherwise.
- IEEE 802.16 The purpose of IEEE 802.16 is to specify the air interface of fixed broadband wireless access (BWA) systems supporting multimedia services.
- the medium access control layer (MAC) supports a primarily point-to-multipoint architecture, with an optional mesh topology.
- the MAC is structured to support multiple physical layer (PHY) specifications, each suited to a particular operational environment. For operational frequencies from 10-66 GHz, the PHY is based on single-carrier modulation.
- orthogonal frequency-division multiplexing i.e., WirelessMAN-OFDM or “OFDM”
- orthogonal frequency-division multiple access i.e., WirelessMAN-OFDMA or “OFDMA”
- orthogonal frequency-division using single-carrier modulation i.e., WirelessMAN-SCa or “single-carrier modulation”.
- IEEE 802.16e provides enhancements to IEEE Std 802.16 to support subscriber stations moving at vehicular speeds and thereby specifies a system for combined fixed and mobile broadband wireless access. Fixed IEEE 802.16 subscriber capabilities are not compromised.
- IEEE 802.16m is a draft amendment to IEEE 802.16, providing an advanced air interface meeting the cellular layer requirements of advanced next generation mobile networks, with continuing support for legacy wireless equipment.
- WiFi hotspots provide pubic WLAN access in many locations such as airports, hotels, coffee shops, etc. and may provide various services such as internet access, streaming video (e.g., IP TV), IMS, and online games. There is a need for security in order to prevent problems such as eavesdropping, spoofing, unauthorized access, etc. Security may be provided at more than one layer of a networking model.
- a networkable wireless device includes a wireless network interface card (WNIC).
- WNIC wireless network interface card
- Conventional packet processing on wireless devices performs wireless security processing on the WNIC, and the TLS (or IPSec) packet is processed on the main processor of the wireless device, then delivered to a different cryptographic processor within the wireless device for security processing, then sent back to the main processor of the wireless device for further delivery to an application (e.g., a browser).
- an application e.g., a browser
- TLS/SSL security protocols use security processing algorithms at a higher layer that are distinct from the protocols used for wireless security processing at lower layers, e.g., as specified in IEEE 802.11i, 802.11r, 802.16e, and 802.16m. While this is adequate for coarse grained client processing, for instance for transport-layer security in laptop computers, applying existing security methods from the TLS layer to communication packets processed at lower layers is disadvantageous because such methods increase the packet security processing overhead. Processing each packet on a wireless device using TLS/SSL security protocols would include executing a complex, multi-loop path between a host, to/from a processor implementing cryptographic functions, to/from a separate WNIC processor. Processors, as used herein (unless a different meaning is clearly indicated by the context of usage), may include either separate processing chips implementing processing functions, or separate independent processing cores physically on the same chip.
- transport layer security processing is performed via software algorithms running on a processor (e.g. host processor on a laptop) performing the cryptographic functions.
- Wireless packet and security processing typically is performed on a separate wireless processor. This division of processing tasks degrades the overall power consumption of the wireless device because signals, including data packet and state, have to be driven from one chipset to another chipset. Furthermore, it may not be possible to place some of these processors in any extended period of reduced power consumption while the security processing is taking place.
- ultramobile devices such as Mobile Internet Devices (MID)/Ultra-Mobile PC (UMPC) devices
- MID Mobile Internet Devices
- Ultra-Mobile PC Ultra-Mobile PC
- embodiments of the present invention propose security extensions to the IETF TLS or IETF IPsec standards, which enable the Mobile Internet Devices (MID) architectures to perform power-efficient and streamlined security packet processing.
- Transport Layer Security protocol is the ubiquitous application security protocol of the internet, used in bank transactions, intranet security, web services, etc.
- Embodiments of the invention have a further advantage of reducing power consumption of the wireless device by placing at least a portion of the wireless device in a lower power consumption mode during at least a portion of the time used to process security.
- a host/chipset complex may be placed in such a reduced-power state, then woken up to a higher-power state after all security processing has been done in the WNIC.
- embodiments of the invention may include a method for providing communication security at a first networking layer, and at a second networking layer different than the first networking layer, for a wireless client comprising a first processor, the method including steps of obtaining a security algorithm from a first controller for use in security processes at a first networking layer, wherein the first controller is associated with the first networking layer, and negotiating with a second controller for use of the security algorithm for use in security processes at a second networking layer, wherein the second controller is associated with the second networking layer, and wherein the security processes in the wireless client at the first networking layer and the second networking layer are performed in the first processor.
- the method may include operating at least a portion of the wireless client at a reduced power level during at least a portion of obtaining a security algorithm from a first controller and negotiating with a second controller.
- the method may apply when the first networking layer is a link-layer and the second networking layer is a network-layer.
- the second networking layer for instance may be TLS or IPsec.
- the method may further operate by obtaining a security algorithm from a first controller by a method that includes requesting the security algorithm for first-layer security by the wireless client from the first controller, and delivering the security algorithm to a TLS stack within the wireless client.
- the method may further operate by negotiating with the second controller by a method that includes presenting the security algorithm to the second controller for use by the second controller to provide network-layer security when communicating with the wireless client, receiving a security algorithm confirmation from the second controller, and configuring the wireless client to use the security algorithm for both first-layer and second-layer security processing.
- the security algorithm for the method may be, for instance, AES-CCM or AES-GCM.
- Delivery of the security algorithm to the TLS stack further may further include placing the security algorithm as a top-priority security algorithm for TLS sessions, or configuring the security algorithm into the TLS stack.
- the TLS protocol does not have an option of including the Advanced Encryption Standard/Cipher Block Chaining-Message Authentication Code (AES-CCM) security algorithm for use in TLS.
- AES-CCM Advanced Encryption Standard/Cipher Block Chaining-Message Authentication Code
- a security algorithm herein may be referred to as a cipher.
- a cipher is one part of a security protocol.
- a security protocol includes additional functions such as authentication, key assertion, liveness checks, and related functions.
- the AES-CCM cipher is widely used in 802.11 and 802.16, but other ciphers such as AES-GCM are also available.
- Embodiments of the present invention describe additions to the TLS protocol to include layer-2 ciphers (e.g., AES-CCM, AES-GCM, etc.) during cipher negotiation, so that processor implementing IEEE 802.11 and IEEE 802.16 can use their existing layer-2 cryptographic processing engines (e.g., AES-CCM and AES-GCM) to perform TLS security processing.
- An engine as referred to herein, is a set of lookup and/or classification logic, implemented in firmware and/or hardware, that detects the protocol type and security type of the packet at each networking layer.
- Packets processed for WLAN and TLS security in accord with embodiments of the present invention are processed in a pipelined manner, eliminating the multi-loop processing that currently exists. This has the benefit of decreasing the power consumed to process each packet. Furthermore, while security processing is being performed in the WNIC, other processing portions of the wireless device can be put into a power-saving mode, and then removed from the power-saving mode after the security processing is completed, thus further saving power and extending battery life of the wireless device. Based on basic packet processing analysis, this invention improves battery life when used in small, low-powered devices, e.g., devices based on the MID/UMPC platforms, and/or mobile phones or smart-phones that are capable of providing Internet access via 802.11, 802.16, or other wireless access protocols.
- small, low-powered devices e.g., devices based on the MID/UMPC platforms, and/or mobile phones or smart-phones that are capable of providing Internet access via 802.11, 802.16, or other wireless access protocols.
- Embodiments of the present invention introduce a change in the TLS protocol having a beneficial impact to the wireless device, by eliminating the need for using multiple engines to process security for different protocol layers.
- Embodiments of the present invention introduce a single cross-layer security processor.
- Conventional wireless products do not have a single or unified security processor for all wireless (layer-2), IPsec (layer-3) and TLS (layer-4) security processing.
- Embodiments of the present invention provide a pipeline mode, cutting through multiple layers of networking hierarchy, for efficiently processing multiple layers of networking security for an incoming packet.
- the pipeline mode enables processing the security in a single pass through a security engine in a single processor chip.
- Embodiments of the present invention add a deep packet lookup engine between the pipelines.
- deep packet (“DP”) lookup operates by analyzing the content in both the packet header and the payload over a series of packet transactions. Consequently, DP provides the ability to analyze network usage and optimize network performance, thereby enabling a network operator to manage more effectively the traffic flow through the network.
- One embodiment of the present invention adds AES-CCM into the TLS protocol, thereby achieving at least the following benefits:
- AES-CCM is a more efficient security algorithm, and provides improved processing throughput or processing speed of security packets compared to the security processing performed at Layer-2 by the WNIC, adding AES-CCM cryptographic processing to the TLS protocol will improve overall TLS packet processing latency. Benefits are further achieved because AES-CCM cryptographic processing requires only five block cipher operations per packet, resulting in minimal packet expansion after security encryption processing is done. Encryption and decryption both require one block cipher encryption function. Encryption and authentication can be performed simultaneously by hardware, without waiting for encryption to be completed before performing the authentication check;
- AES-CCM Usage of AES-CCM allows combining the AES-CTR mode for data confidentiality and Cipher Block Chaining Message Authentication Code (“CBC-MAC”) for integrity and authentication.
- AES-CTR and CBC-MAC are operating modes that are well known to persons of ordinary skill in the art. Techniques of combining AES-CTR and CBC-MAC are well known to persons of ordinary skill in the art, for instance as described in R. Housley (RSA Laboratories), “Counter with CBC-MAC (CCM) AES Mode of Operation”, public submission to NIST;
- AES-CCM will be able to perform encryption and a Message Integrity Code (MIC) calculation as part of same algorithm. This eliminates the need to perform separate encryption and separate message authentication, as is currently done in TLS. In contrast, the conventional method of performing encryption using the SHA integrity security algorithms is relatively more computationally expensive than using AES;
- FIG. 1 illustrates an exemplary network level diagram, illustrating the major components in the network when a client initiates a TLS session with any Application Server protected with TLS security, and uses TLS extensions.
- FIG. 1 illustrates an embodiment of the invention, that of the wireless client 3 negotiating the same cryptographic cipher suites with the remote TLS Server 2 , as that used by the wireless layer.
- a cipher suite as used herein (unless a different meaning is clearly indicated by the context of usage), refers to a family of related cryptographic algorithms for protecting the message, e.g., AES, DES, etc.
- the TLS Server 2 is one embodiment of an Application Security Server.
- a TLS Stack refers to generic software and/or hardware components on a machine that processes TLS protocol packets. Embodiments of the invention may be practiced in networks that rely upon a non-TLS protocol, by use of an Application Security Server directed to the non-TLS protocol.
- a WLAN controller 4 is in control of wireless access point AP designated as 5 . Additional access points (not shown) may also be controlled by WLAN controller 4 .
- WLAN controller 4 and access point 5 will be of compatible technology, e.g., both 802.11 or both 802.16.
- a wireless client 3 is illustrated as a laptop PC, but may be any communication device with wireless communication capability compatible with IEEE 802.11 and/or 802.16. It will be understood that the embodiments described may also be used with other wireless technology standards.
- the wireless client 3 is in communication 8 with at least one of the access points, for example AP 5 .
- the wireless client 3 obtains a cipher from AP 5 , e.g., the AES-CCM-128 cipher, for use at the link-layer.
- a cipher from AP 5 , e.g., the AES-CCM-128 cipher, for use at the link-layer.
- this embodiment is not limited to this cipher, and applies to all present ciphers and security modes, future ciphers that may be introduced in wireless or TLS suites, and other security modes of AES.
- a “mode” as used herein is the use of a cipher for a specific purpose, e.g. using AES for encryption only is one mode; using AES for encryption and authentication is a second mode; etc.
- the wireless client 3 implements the TLS protocol, which includes various software components (not shown) such as a client wireless driver, TLS stack (not shown), and software drivers used for inter-processor communications.
- the TLS stack is a set of protocol processing components within wireless client 3 .
- the link-layer driver of wireless client 3 delivers this cipher to the TLS stack of the wireless client 3 , and places the cipher as the preferred cipher for TLS sessions.
- a platform may support multiple layer-2 ciphers, e.g., AES-CCM and AES-GCM; however, it may negotiate only one of the layer-2 ciphers with AP 5 .
- information about the supported layer-2 cipher can be configured into the TLS stack of wireless client 3 .
- Configuring the cipher into the TLS stack equivalently may be referred to as delivering the cipher to the TLS stack.
- the wireless client is then able to initiate a TLS session with a remote application server.
- the wireless client 3 presents the cipher obtained from AP 5 , e.g., the AES-CCM-128 cipher, as the cipher for the TLS server 2 to accept.
- the TLS server 2 then processes the cipher presented by the wireless client 3 , and if the cipher is supported by the TLS server 2 , the cipher presented by the wireless client will be accepted as the cipher for transport layer security.
- the wireless client 3 and the TLS server 2 then establish application transport layer security using the cipher obtained from AP 5 , e.g., the AES-CCM-128 cipher, by initiating the communication link using the cipher.
- AP 5 e.g., the AES-CCM-128 cipher
- the wireless client 3 may also use the same security processing engine in their wireless processor to process layer-2 (i.e., networking-layer) and layer-4 (transport layer) security processing security in tandem.
- layer-2 i.e., networking-layer
- layer-4 transport layer
- tandem security processing will be associated with each other because of the cipher, but will not necessarily be performed together in a temporal sense.
- separate security processing engines may be used, for instance in the case of wireless client implemented with a multi-core CPU.
- the wireless client 3 is able to process packets for both wireless security at the transport layer (layer-4) and networking layer (layer-2) without waking the main processor of the wireless client 3 or routing encrypted packet through the main processor.
- FIG. 2 illustrates an architecture within the wireless client for efficient security processing packet flow for wireless and TLS processing, according to the method of the first embodiment.
- the architecture is described in terms of a multi-core platform 10 (i.e., a processor having multiple independent processing cores), because the multi-core platform 10 offers the most flexibility in describing embodiments of the invention.
- the functions described in this embodiment may interchangeably be executed in various kinds of processors, for instance one of more of virtualization and/or virtual platforms (i.e., a platform with virtualization technology, wherein virtualization is a technology that allows same software to run on different hardware) multi-core processors, system on chip, or a multi-chip solution.
- the execution is interchangeable in the sense that the application server 1 , the TLS server 2 , the WLAN controller 4 , and/or the wireless client 3 may be implemented with any of these types of processors without affecting the method of the first embodiment of the invention.
- An architecture in accord with FIG. 2 features a security processing engine 11 in the Comms processor 12 using a pipeline mode to process packets for different layers of the stack.
- the Comms processor 12 is a communication engine.
- the various engines of FIG. 2 may be implemented within any combination of the plurality of cores within a multi-core processor.
- Pipeline mode refers to a broad functional pipeline of processing steps needed to process a packet. Pipeline mode uses a security pipeline architecture that processes all packets for multiple layer security, each packet being inspected for upper layer presence. Layer-2 and Layer-4 security processing is demonstrated in this embodiment. This also applies to Layer-2 and Layer-3 (i.e., IETF IPsec) security processing.
- the driver in the wireless client 3 installs the security association, including a cryptographic key and packet counters, into a Security Association Cache 13 .
- the security association is the establishment of shared security information between two network entities to support secure communication.
- the layer-2 wireless driver e.g., 802.11 driver 22 , or 802.16 driver 24
- the security algorithm negotiated at layer-2 e.g. AES-CCM
- the TLS Processor 19 uses the wireless security algorithms (i.e., layer-2), on packets to or from interface 203 , while executing the TLS Security handshake at layer-4.
- the TLS Processor 19 installs the TLS Security Association into the Security Association Cache 13 via interface 204 .
- the wireless frame processor 14 installs the Security Associations (e.g. 802.11 Pairwise Transient Key (PTK)) into the Security Association Cache 13 via interface 205 , upon conclusion of the wireless security (i.e., layer-2) protocol handshake.
- the Security Associations e.g. 802.11 Pairwise Transient Key (PTK)
- PTK Pairwise Transient Key
- a wireless packet arriving at the comms processor 12 via interface 206 is processed by the wireless frame processor 14 , wherein the processing includes at least ensuring that all fields in the wireless frame are consistent with the protocol and sent in the correct order.
- the processed packet is delivered via interface 207 to the Security Processing Engine 17 (in Comms Processor 12 ) by the wireless frame processor 14 .
- the Layer-2 wireless Security Association is fetched from the Security Association Cache 13 by the Security Processing Engine 17 , via interface 215 .
- the Security Processing Engine 17 decrypts the packet using the Security Association fetched for each packet from the Security Association Cache 13 .
- the wireless frame decrypted in the security processing engine 17 is sent back to the wireless frame processor 14 via interface 208 .
- the wireless frame processor 14 processes the frame to ensure compliance with the protocol—e.g. all fields are ordered correctly, that they contain valid values, and, both sides agree on protocol packet processing, etc.
- the wireless frame processor 14 then sends the decrypted and validated frame to the Deep Packet Inspection Engine 15 , via interface 209 , for inspecting the packet for the presence of upper protocol headers and identifying TLS (or IPsec) packets.
- packet is a TLS packet
- the packet is sent to a TLS Record Layer Security Processing Engine 16 within Comms Processor 12 , via interface 210 . If the packet is not a TLS packet, it will be processed by a separate security processing engine (not shown) that is compatible with the packet type. TLS Record Layer Security Processing Engine 16 will verify that the protocol headers are consistent, prior to sending the packet for decryption.
- the packet then is sent via interface 211 to the Security Processing Engine 17 , which is the same security processing engine as was used by the Wireless frame security processing.
- the Security Processing Engine 17 uses the TLS Security Associations from the Security Associations Cache 13 .
- the processed packet is sent back to the TLS Record Layer Security Engine 16 via interface 212 .
- the entire decrypted wireless frame is passed to the wireless driver, e.g., the 802.11 driver 22 , via interface 213 .
- the 802.11 driver 22 performs more frame processing—e.g., by processing any fields that need to be verified. Such field verification may include checking protocol field values, etc., and then passing the frame for upper layer protocol processing.
- the 802.11 driver 22 , wireless client 3 and AP 5 use Robust Security Network Association (RSNA) Capability Negotiation 23 as the mechanism to negotiate security parameters such as ciphers, the type of authentication to use, the type of keys to derive, etc.
- Other wireless drivers, e.g., the 802.16 driver 24 will also have a security capability negotiation 25 performing similar functions as RSNA Capability Negotiation 23 .
- the wireless packet then is sent to a TCP/IP Network Processor 21 , via interface 214 , for upper layer processing.
- the TLS stack will get this packet and forward it to the upper application (e.g. a browser).
- the TLS stack of wireless client 3 may be implemented in the TCP/IP Network Processor 21 , or it may be implemented in a separate processor.
- embodiments described herein may be expanded to include the ciphers used in 802.16 (AES-CCM), 3G, LTE and other wireless technologies in the link used by the TLS Security protocol. For instance, if 802.16 wireless technology is used, then the TLS Record Layer Security Engine 16 will send an entire decrypted frame to the 802.16 driver, via interface 213 a. The wireless packet would then be sent to the TCP/IP Network Processor 21 (interface not shown in FIG. 2 ) for upper layer processing.
- AES-CCM 802.16
- 3G 3G
- LTE Long Term Evolution
- LTE Long Term Evolution
- other wireless technologies for instance, if 802.16 wireless technology is used, then the TLS Record Layer Security Engine 16 will send an entire decrypted frame to the 802.16 driver, via interface 213 a. The wireless packet would then be sent to the TCP/IP Network Processor 21 (interface not shown in FIG. 2 ) for upper layer processing.
- FIG. 3 illustrates the protocol message flows, according to embodiments of the invention.
- the wireless client 3 and TLS Server 2 negotiate and use the security processing algorithms in the TLS security protocol, which are used for the wireless 802.11/802.16 layer-2 frame processing.
- Ciphers usable with this embodiment include, but are not limited to AES-CCM-128, AES-CCM-192, AES-CCM-256, and any combination of these ciphers with other asymmetric authentication algorithms such as RSA, Diffie-Hellman, DSA, etc.
- asymmetric authentication algorithms such as RSA, Diffie-Hellman, DSA, etc.
- an AES-CCM cipher may be used for encryption, and one of the other asymmetric authentication algorithms (e.g., RSA, Diffie-Hellman, etc.) used for entity authentication.
- Encryption, Message Integrity/Authentication, entity authentication, and replay protection are important parts of security. Algorithms that may be chosen are configured by a Security Administrator, depending on their Security Policy.
- the WNIC in the wireless client 3 will propagate to the TLS stack in TLS Server 2 , via message 301 , the wireless cryptographic algorithms negotiated as part of the 802.11 RSNA Security handshake.
- the handshake i.e., “negotiation”
- the handshake includes the receiver and sender sending all their supported security parameters to each other via handshake messages.
- the sender and receiver pick the most preferred of all options (as listed in order of priority) and convey that to each other.
- the TLS client stack within wireless client 3 will use the layer-2 cipher as the highest priority security option to the TLS server 2 , when establishing a communication session via a TLS-Client-Hello message 301 or equivalent.
- the layer-2 cipher may be the only priority security option available to the TLS server 2 , as determined during handshaking.
- TLS Server 2 accepts this security cipher option for use in the subsequent TLS Security session. This is done by the TLS Server 2 indicating its consent in the TLS-Server-Hello message 302 . After consent, the TLS Server 2 sends its security credentials to the wireless client 3 via message 303 , and the wireless client 3 optionally can send its security credentials to the TLS server 2 via messages 309 . Exchange of security credentials is accomplished by the Certificate and ServerKeyExchange messages, which are part of the TLS protocol.
- the wireless client 3 and TLS Server 2 compute the TLS Session keys for the negotiated cipher (e.g., the AES-CCM-128 algorithm).
- the wireless client 3 sends the ChangeCipherSpec message 304 to the TLS Server 2 to indicate setting the AES-CCM-128 security associations.
- the TLS Server 2 responds by sending the ChangeCipherSpec message 306 to the wireless client 3 to indicate setting its corresponding AES-CCM-128 security associations.
- the wireless client 3 then sends the TLS-Finished message 305 to the TLS Server 2 , which is encrypted with the same cipher suite as the wireless security (e.g., AES-CCM-128).
- the TLS Server 2 then sends a TLS-Finished message 307 to the wireless client 3 encrypted with the same cipher suite and keys, negotiated with the client (e.g., AES-CCM-128).
- the ChangeCipherSpec message and TLS-Finished message are known as part of the TLS protocol.
- FIG. 4 illustrates the new TLS message formats used to implement embodiments of the invention.
- the illustrated messages include new or modified fields that would be added to the TLS protocol standard.
- Client Hello message 401 has been modified by way of inserting one or more fields 401 a that indicate the security algorithms that were negotiated by the wireless link layer protocol.
- Server Hello message 402 has been modified by way of inserting field 402 a, which indicates the security algorithms that are proposed by the wireless client 3 in order of priority, if configured per the security policy of TLS Server 2 .
- TLS Protected Payload message 403 has been modified by way of inserting field 403 a, which indicates the AES-CCM security protocol parameters like the packet number, Nonce value and Key Identifier. A new packet number is used for each new packet, and a new Nonce value has to be computed for each packet.
- TLS Protected Payload message 403 forms part of the WLAN Protected Payload message 404 .
- No new modification is needed for WLAN Protected payload message 404 besides normal layer-2 (e.g., 802.11) security processing with the specific cipher selected (e.g., AES-CCM). If other ciphers are used, for instance AES-GCM, then message 404 needs to be secured using the AES-GCM cipher.
- FIG. 4 also shows the encrypted and integrity protected payload 405 within the TLS Protected Payload message 403 for TLS protocol security and the encrypted and integrity protected payload 406 within the WLAN Protected Payload message 404 for layer-2 (e.g., 802.11) security. Integrity protection is implemented in the Message Integrity Code (MIC) field.
- FIG. 4 also shows fields containing an identifier (e.g., the Cipher-ID) of the AES-CCM security algorithm to be used during negotiation in Client Hello and Server Hello messages, and the AES-CCM parameters to be delivered in the data payload.
- an identifier e.g., the Cipher-ID
- the implementer may opt for a mainly hardware and/or firmware vehicle; if flexibility is paramount, the implementer may opt for a mainly software implementation; or, yet again alternatively, the implementer may opt for some combination of hardware, software, and/or firmware.
- a signal bearing medium examples include, but are not limited to, the following: a recordable type medium such as a floppy disk, a hard disk drive, a Compact Disc (CD), a Digital Video Disk (DVD), a digital tape, a computer memory, etc.; and a transmission type medium such as a digital and/or an analog communication medium (e.g., a fiber optic cable, a waveguide, a wired communications link, a wireless communication link, etc.).
- a typical data processing system generally includes one or more of a system unit housing, a video display device, a memory such as volatile and non-volatile memory, processors such as microprocessors and digital signal processors, computational entities such as operating systems, drivers, graphical user interfaces, and applications programs, one or more interaction devices, such as a touch pad or screen, and/or control systems including feedback loops and control motors (e.g., feedback for sensing position and/or velocity; control motors for moving and/or adjusting components and/or quantities).
- a typical data processing system may be implemented utilizing any suitable commercially available components, such as those typically found in data computing/communication and/or network computing/communication systems.
- any two components so associated can also be viewed as being “operably connected”, or “operably coupled”, to each other to achieve the desired functionality, and any two components capable of being so associated can also be viewed as being “operably couplable”, to each other to achieve the desired functionality.
- operably couplable include but are not limited to physically mateable and/or physically interacting components and/or wirelessly interactable and/or wirelessly interacting components and/or logically interacting and/or logically interactable components.
Abstract
Description
- None.
- Embodiments of the invention relate to apparatus, system and method for improved encryption processing in wireless communication devices.
- Wireless access points (AP) such as WiFi hotspots provide pubic WLAN access in many locations such as airports, hotels, coffee shops, etc., providing networking access (e.g., internet access) to wireless clients. The wireless client may implement security measures such as encryption, which are used to prevent problems such as unauthorized access, eavesdropping, or spoofing of authorized users. The security measures may be implemented as security protocols at a networking layer, and/or security processing at a physical layer. The wireless client device may have more than one processor performing encryption processing.
- The embodiments of the invention relate to improved methodology of implementing security processing within a wireless client.
-
FIG. 1 shows a TLS session negotiating wireless cryptographic ciphers; -
FIG. 2 shows an architecture for efficient security processing packet flow for link-layer wireless and TLS communication; -
FIG. 3 shows additions to TLS standard protocol flow for negotiating layer-2 wireless security algorithms; -
FIG. 4 shows a TLS protocol message formats, modified to support embodiments of the present invention. - In the following description, numerous specific details are set forth. However, embodiments of the invention may be practiced without these specific details. In other instances, well-known circuits, structures and techniques have not been shown in detail in order not to obscure the understanding of this description.
- The following glossary defines terms used herein unless a different meaning is assigned within the context of usage. The Authoritative Dictionary of IEEE Standards Terms, Seventh Edition, should be referenced for terms not otherwise defined herein.
-
Acronym Definition AES Advanced Encryption Standard AES-CCM AES/Cipher Block Chaining-Message Authentication Code AES-CTR AES Counter AES-GCM AES - Galois Counter Mode AP Access Point BSS Basic Service Set CBC-MAC Cipher Block Chaining - Message Authentication Code DSA Digital Signature Algorithm IEEE Institute of Electrical and Electronic Engineers IETF Internet Engineering Task Force IPsec Internet Protocol Security MIC Message Integrity Code MID Mobile Internet Device PTK Pairwise Transient Key RSA Rivest Shamir Adleman RSNA Robust Security Network Association SA Security Association SHA Secure Hash Algorithm SSL Secure Socket Layer TCP/IP Transmission Control Protocol/Internet Protocol TLS Transport Layer Security UMPC Ultra-Mobile Personal Computer WNIC Wireless Network Interface Card - WiFi refers to wireless communication technology usable by both mobile and fixed communication devices. Mobile wireless technology may be specified in IEEE Standard 802.11, “Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) specifications” and amendments thereto (hereinafter “IEEE 802.11” or “802.11”). The purpose of IEEE 802.11 is to provide wireless connectivity to automatic machinery, equipment, or stations that require rapid deployment, which may be portable or hand-held, or which may be mounted on moving vehicles within a local area. This standard also offers regulatory bodies a means of standardizing access to one or more frequency bands for the purpose of local area communication.
- Security mechanisms for wireless networks may be specified in IEEE 802.11i, an amendment to the original IEEE 802.11 standard, now incorporated into the published IEEE 802.11-2007 standard.
- IEEE 802.11r-2008, or fast Basic Service Set (BSS) transition, is an amendment to the IEEE 802.11 standard to permit continuous connectivity aboard wireless devices in motion, with fast and secure handoffs from one base station to another managed in a seamless manner. IEEE 802.11r redefines the security key negotiation protocol, allowing both the negotiation and requests for wireless resources.
- IEEE 802.11
Amendment 7, “Interworking with External Networks” may be referred to as “IEEE 802.11u” or “802.11u.” IEEE 802.11u specifies enhancements to 802.11 that support WLAN Interworking with External Networks, facilitating higher layer functionalities. IEEE 802.11u improves information transfer from external networks, aiding network selection, and enabling emergency services. - Wireless technology used by fixed wireless communication devices may be specified in IEEE Standard 802.16, “Air Interface for Fixed Broadband Wireless Systems” and amendments thereto (hereinafter “IEEE 802.16” or “802.16”). It will be understood as used herein that “wireless,” “wireless technology,” and similar terms may refer to either 802.11 or 802.16 unless expressly limited otherwise.
- The purpose of IEEE 802.16 is to specify the air interface of fixed broadband wireless access (BWA) systems supporting multimedia services. The medium access control layer (MAC) supports a primarily point-to-multipoint architecture, with an optional mesh topology. The MAC is structured to support multiple physical layer (PHY) specifications, each suited to a particular operational environment. For operational frequencies from 10-66 GHz, the PHY is based on single-carrier modulation. For frequencies below 11 GHz, where propagation without a direct line of sight must be accommodated, three alternatives are provided: orthogonal frequency-division multiplexing (i.e., WirelessMAN-OFDM or “OFDM”); orthogonal frequency-division multiple access (i.e., WirelessMAN-OFDMA or “OFDMA”); and orthogonal frequency-division using single-carrier modulation (i.e., WirelessMAN-SCa or “single-carrier modulation”).
- IEEE 802.16e provides enhancements to IEEE Std 802.16 to support subscriber stations moving at vehicular speeds and thereby specifies a system for combined fixed and mobile broadband wireless access. Fixed IEEE 802.16 subscriber capabilities are not compromised.
- IEEE 802.16m is a draft amendment to IEEE 802.16, providing an advanced air interface meeting the cellular layer requirements of advanced next generation mobile networks, with continuing support for legacy wireless equipment.
- WiFi hotspots provide pubic WLAN access in many locations such as airports, hotels, coffee shops, etc. and may provide various services such as internet access, streaming video (e.g., IP TV), IMS, and online games. There is a need for security in order to prevent problems such as eavesdropping, spoofing, unauthorized access, etc. Security may be provided at more than one layer of a networking model.
- A networkable wireless device includes a wireless network interface card (WNIC). Conventional packet processing on wireless devices performs wireless security processing on the WNIC, and the TLS (or IPSec) packet is processed on the main processor of the wireless device, then delivered to a different cryptographic processor within the wireless device for security processing, then sent back to the main processor of the wireless device for further delivery to an application (e.g., a browser).
- IETF TLS/SSL security protocols use security processing algorithms at a higher layer that are distinct from the protocols used for wireless security processing at lower layers, e.g., as specified in IEEE 802.11i, 802.11r, 802.16e, and 802.16m. While this is adequate for coarse grained client processing, for instance for transport-layer security in laptop computers, applying existing security methods from the TLS layer to communication packets processed at lower layers is disadvantageous because such methods increase the packet security processing overhead. Processing each packet on a wireless device using TLS/SSL security protocols would include executing a complex, multi-loop path between a host, to/from a processor implementing cryptographic functions, to/from a separate WNIC processor. Processors, as used herein (unless a different meaning is clearly indicated by the context of usage), may include either separate processing chips implementing processing functions, or separate independent processing cores physically on the same chip.
- The increase in security processing steps arises because the TLS standard does not allow clients to negotiate wireless layer-2 (i.e., networking-layer) security ciphers. Instead, transport layer security processing is performed via software algorithms running on a processor (e.g. host processor on a laptop) performing the cryptographic functions. Wireless packet and security processing typically is performed on a separate wireless processor. This division of processing tasks degrades the overall power consumption of the wireless device because signals, including data packet and state, have to be driven from one chipset to another chipset. Furthermore, it may not be possible to place some of these processors in any extended period of reduced power consumption while the security processing is taking place.
- For low-power, ultramobile devices such as Mobile Internet Devices (MID)/Ultra-Mobile PC (UMPC) devices, the power consumption and latency needed to process each communication packet increases significantly, arising from the increase in security processing steps. This in turn causes an undesirable decrease in battery life and increase in heat to be dissipated.
- In order to overcome the aforementioned problems, embodiments of the present invention propose security extensions to the IETF TLS or IETF IPsec standards, which enable the Mobile Internet Devices (MID) architectures to perform power-efficient and streamlined security packet processing. Transport Layer Security protocol is the ubiquitous application security protocol of the internet, used in bank transactions, intranet security, web services, etc. Embodiments of the invention have a further advantage of reducing power consumption of the wireless device by placing at least a portion of the wireless device in a lower power consumption mode during at least a portion of the time used to process security. In particular, a host/chipset complex may be placed in such a reduced-power state, then woken up to a higher-power state after all security processing has been done in the WNIC.
- In particular, embodiments of the invention may include a method for providing communication security at a first networking layer, and at a second networking layer different than the first networking layer, for a wireless client comprising a first processor, the method including steps of obtaining a security algorithm from a first controller for use in security processes at a first networking layer, wherein the first controller is associated with the first networking layer, and negotiating with a second controller for use of the security algorithm for use in security processes at a second networking layer, wherein the second controller is associated with the second networking layer, and wherein the security processes in the wireless client at the first networking layer and the second networking layer are performed in the first processor.
- Further, the method may include operating at least a portion of the wireless client at a reduced power level during at least a portion of obtaining a security algorithm from a first controller and negotiating with a second controller.
- Optionally, the method may apply when the first networking layer is a link-layer and the second networking layer is a network-layer. The second networking layer for instance may be TLS or IPsec.
- The method may further operate by obtaining a security algorithm from a first controller by a method that includes requesting the security algorithm for first-layer security by the wireless client from the first controller, and delivering the security algorithm to a TLS stack within the wireless client.
- The method may further operate by negotiating with the second controller by a method that includes presenting the security algorithm to the second controller for use by the second controller to provide network-layer security when communicating with the wireless client, receiving a security algorithm confirmation from the second controller, and configuring the wireless client to use the security algorithm for both first-layer and second-layer security processing.
- The security algorithm for the method may be, for instance, AES-CCM or AES-GCM.
- Delivery of the security algorithm to the TLS stack further may further include placing the security algorithm as a top-priority security algorithm for TLS sessions, or configuring the security algorithm into the TLS stack.
- Currently, the TLS protocol does not have an option of including the Advanced Encryption Standard/Cipher Block Chaining-Message Authentication Code (AES-CCM) security algorithm for use in TLS. Generally, a security algorithm herein may be referred to as a cipher. A cipher is one part of a security protocol. Generally, a security protocol includes additional functions such as authentication, key assertion, liveness checks, and related functions. The AES-CCM cipher is widely used in 802.11 and 802.16, but other ciphers such as AES-GCM are also available. Embodiments of the present invention describe additions to the TLS protocol to include layer-2 ciphers (e.g., AES-CCM, AES-GCM, etc.) during cipher negotiation, so that processor implementing IEEE 802.11 and IEEE 802.16 can use their existing layer-2 cryptographic processing engines (e.g., AES-CCM and AES-GCM) to perform TLS security processing. An engine, as referred to herein, is a set of lookup and/or classification logic, implemented in firmware and/or hardware, that detects the protocol type and security type of the packet at each networking layer.
- Packets processed for WLAN and TLS security in accord with embodiments of the present invention are processed in a pipelined manner, eliminating the multi-loop processing that currently exists. This has the benefit of decreasing the power consumed to process each packet. Furthermore, while security processing is being performed in the WNIC, other processing portions of the wireless device can be put into a power-saving mode, and then removed from the power-saving mode after the security processing is completed, thus further saving power and extending battery life of the wireless device. Based on basic packet processing analysis, this invention improves battery life when used in small, low-powered devices, e.g., devices based on the MID/UMPC platforms, and/or mobile phones or smart-phones that are capable of providing Internet access via 802.11, 802.16, or other wireless access protocols.
- Embodiments of the present invention introduce a change in the TLS protocol having a beneficial impact to the wireless device, by eliminating the need for using multiple engines to process security for different protocol layers. Embodiments of the present invention introduce a single cross-layer security processor. Conventional wireless products do not have a single or unified security processor for all wireless (layer-2), IPsec (layer-3) and TLS (layer-4) security processing.
- Embodiments of the present invention provide a pipeline mode, cutting through multiple layers of networking hierarchy, for efficiently processing multiple layers of networking security for an incoming packet. The pipeline mode enables processing the security in a single pass through a security engine in a single processor chip. Embodiments of the present invention add a deep packet lookup engine between the pipelines. As is known by a person of ordinary skill in the art, deep packet (“DP”) lookup operates by analyzing the content in both the packet header and the payload over a series of packet transactions. Consequently, DP provides the ability to analyze network usage and optimize network performance, thereby enabling a network operator to manage more effectively the traffic flow through the network.
- One embodiment of the present invention adds AES-CCM into the TLS protocol, thereby achieving at least the following benefits:
- (1) Because AES-CCM is a more efficient security algorithm, and provides improved processing throughput or processing speed of security packets compared to the security processing performed at Layer-2 by the WNIC, adding AES-CCM cryptographic processing to the TLS protocol will improve overall TLS packet processing latency. Benefits are further achieved because AES-CCM cryptographic processing requires only five block cipher operations per packet, resulting in minimal packet expansion after security encryption processing is done. Encryption and decryption both require one block cipher encryption function. Encryption and authentication can be performed simultaneously by hardware, without waiting for encryption to be completed before performing the authentication check;
- (2) Usage of AES-CCM allows combining the AES-CTR mode for data confidentiality and Cipher Block Chaining Message Authentication Code (“CBC-MAC”) for integrity and authentication. AES-CTR and CBC-MAC are operating modes that are well known to persons of ordinary skill in the art. Techniques of combining AES-CTR and CBC-MAC are well known to persons of ordinary skill in the art, for instance as described in R. Housley (RSA Laboratories), “Counter with CBC-MAC (CCM) AES Mode of Operation”, public submission to NIST;
- (3) AES-CCM will be able to perform encryption and a Message Integrity Code (MIC) calculation as part of same algorithm. This eliminates the need to perform separate encryption and separate message authentication, as is currently done in TLS. In contrast, the conventional method of performing encryption using the SHA integrity security algorithms is relatively more computationally expensive than using AES;
- (4) To the extent that WNICs may already support AES-CCM processing capability, adding AES-CCM into the TLS protocol standard enables WNIC hardware to be extended, using existing WNIC hardware, to perform TLS security.
- Referring to
FIG. 1 , a first embodiment of the invention is described below, including the protocol components, protocol message flows, and expected behavior.FIG. 1 illustrates an exemplary network level diagram, illustrating the major components in the network when a client initiates a TLS session with any Application Server protected with TLS security, and uses TLS extensions.FIG. 1 illustrates an embodiment of the invention, that of thewireless client 3 negotiating the same cryptographic cipher suites with theremote TLS Server 2, as that used by the wireless layer. A cipher suite, as used herein (unless a different meaning is clearly indicated by the context of usage), refers to a family of related cryptographic algorithms for protecting the message, e.g., AES, DES, etc. TheTLS Server 2 is one embodiment of an Application Security Server. A TLS Stack refers to generic software and/or hardware components on a machine that processes TLS protocol packets. Embodiments of the invention may be practiced in networks that rely upon a non-TLS protocol, by use of an Application Security Server directed to the non-TLS protocol. - Referring to
FIG. 1 , aWLAN controller 4 is in control of wireless access point AP designated as 5. Additional access points (not shown) may also be controlled byWLAN controller 4.WLAN controller 4 andaccess point 5 will be of compatible technology, e.g., both 802.11 or both 802.16. Awireless client 3 is illustrated as a laptop PC, but may be any communication device with wireless communication capability compatible with IEEE 802.11 and/or 802.16. It will be understood that the embodiments described may also be used with other wireless technology standards. Thewireless client 3 is incommunication 8 with at least one of the access points, forexample AP 5. - The
wireless client 3 obtains a cipher fromAP 5, e.g., the AES-CCM-128 cipher, for use at the link-layer. However, this embodiment is not limited to this cipher, and applies to all present ciphers and security modes, future ciphers that may be introduced in wireless or TLS suites, and other security modes of AES. A “mode” as used herein (unless a different meaning is clearly indicated by the context of usage) is the use of a cipher for a specific purpose, e.g. using AES for encryption only is one mode; using AES for encryption and authentication is a second mode; etc. - The
wireless client 3 implements the TLS protocol, which includes various software components (not shown) such as a client wireless driver, TLS stack (not shown), and software drivers used for inter-processor communications. The TLS stack is a set of protocol processing components withinwireless client 3. Afterwireless client 3 has obtained a link-layer cipher fromAP 5, the link-layer driver ofwireless client 3 delivers this cipher to the TLS stack of thewireless client 3, and places the cipher as the preferred cipher for TLS sessions. A platform may support multiple layer-2 ciphers, e.g., AES-CCM and AES-GCM; however, it may negotiate only one of the layer-2 ciphers withAP 5. Alternatively, for platforms that support only a single layer-2 cipher, information about the supported layer-2 cipher can be configured into the TLS stack ofwireless client 3. Configuring the cipher into the TLS stack equivalently may be referred to as delivering the cipher to the TLS stack. - The wireless client is then able to initiate a TLS session with a remote application server. When the
wireless client 3 initiates this session, thewireless client 3 presents the cipher obtained fromAP 5, e.g., the AES-CCM-128 cipher, as the cipher for theTLS server 2 to accept. - The
TLS server 2 then processes the cipher presented by thewireless client 3, and if the cipher is supported by theTLS server 2, the cipher presented by the wireless client will be accepted as the cipher for transport layer security. - The
wireless client 3 and theTLS server 2 then establish application transport layer security using the cipher obtained fromAP 5, e.g., the AES-CCM-128 cipher, by initiating the communication link using the cipher. - The
wireless client 3 may also use the same security processing engine in their wireless processor to process layer-2 (i.e., networking-layer) and layer-4 (transport layer) security processing security in tandem. Such tandem security processing will be associated with each other because of the cipher, but will not necessarily be performed together in a temporal sense. Optionally, separate security processing engines may be used, for instance in the case of wireless client implemented with a multi-core CPU. - By this first embodiment described above, the
wireless client 3 is able to process packets for both wireless security at the transport layer (layer-4) and networking layer (layer-2) without waking the main processor of thewireless client 3 or routing encrypted packet through the main processor. -
FIG. 2 illustrates an architecture within the wireless client for efficient security processing packet flow for wireless and TLS processing, according to the method of the first embodiment. The architecture is described in terms of a multi-core platform 10 (i.e., a processor having multiple independent processing cores), because themulti-core platform 10 offers the most flexibility in describing embodiments of the invention. The functions described in this embodiment may interchangeably be executed in various kinds of processors, for instance one of more of virtualization and/or virtual platforms (i.e., a platform with virtualization technology, wherein virtualization is a technology that allows same software to run on different hardware) multi-core processors, system on chip, or a multi-chip solution. The execution is interchangeable in the sense that theapplication server 1, theTLS server 2, theWLAN controller 4, and/or thewireless client 3 may be implemented with any of these types of processors without affecting the method of the first embodiment of the invention. - An architecture in accord with
FIG. 2 features asecurity processing engine 11 in theComms processor 12 using a pipeline mode to process packets for different layers of the stack. TheComms processor 12 is a communication engine. The various engines ofFIG. 2 may be implemented within any combination of the plurality of cores within a multi-core processor. Pipeline mode refers to a broad functional pipeline of processing steps needed to process a packet. Pipeline mode uses a security pipeline architecture that processes all packets for multiple layer security, each packet being inspected for upper layer presence. Layer-2 and Layer-4 security processing is demonstrated in this embodiment. This also applies to Layer-2 and Layer-3 (i.e., IETF IPsec) security processing. It is known to persons of ordinary skill in the art that adapting the methods disclosed herein to process Layer-2 and Layer-3 communications would include examining the different fields within a packet, and applying different security encapsulation processing suitable for the layers processed. Every security protocol (e.g., layers 2, 3, and 4) has a frame format that typically is different than the frame format used by a different security protocol. - Once the Layer-2 security cipher is established via
interface 201, the driver in thewireless client 3 installs the security association, including a cryptographic key and packet counters, into aSecurity Association Cache 13. The security association is the establishment of shared security information between two network entities to support secure communication. - Next in the present embodiment, the layer-2 wireless driver (e.g., 802.11
driver 22, or 802.16 driver 24) delivers the security algorithm negotiated at layer-2 (e.g. AES-CCM) viainterface 202 to theTLS Processor 19. TheTLS Processor 19 uses the wireless security algorithms (i.e., layer-2), on packets to or from interface 203, while executing the TLS Security handshake at layer-4. - If the selected cipher assigned by
WLAN controller 4 is presented to, and accepted by, theTLS Server 2 then theTLS Processor 19 installs the TLS Security Association into theSecurity Association Cache 13 viainterface 204. - Next, the
wireless frame processor 14 installs the Security Associations (e.g. 802.11 Pairwise Transient Key (PTK)) into theSecurity Association Cache 13 viainterface 205, upon conclusion of the wireless security (i.e., layer-2) protocol handshake. - Thereafter, a wireless packet arriving at the
comms processor 12 viainterface 206 is processed by thewireless frame processor 14, wherein the processing includes at least ensuring that all fields in the wireless frame are consistent with the protocol and sent in the correct order. The processed packet is delivered viainterface 207 to the Security Processing Engine 17 (in Comms Processor 12) by thewireless frame processor 14. Associated with this delivery, the Layer-2 wireless Security Association is fetched from theSecurity Association Cache 13 by theSecurity Processing Engine 17, viainterface 215. TheSecurity Processing Engine 17 decrypts the packet using the Security Association fetched for each packet from theSecurity Association Cache 13. The wireless frame decrypted in thesecurity processing engine 17 is sent back to thewireless frame processor 14 viainterface 208. - After the wireless frame is decrypted, the
wireless frame processor 14 processes the frame to ensure compliance with the protocol—e.g. all fields are ordered correctly, that they contain valid values, and, both sides agree on protocol packet processing, etc. Thewireless frame processor 14 then sends the decrypted and validated frame to the DeepPacket Inspection Engine 15, viainterface 209, for inspecting the packet for the presence of upper protocol headers and identifying TLS (or IPsec) packets. - If packet is a TLS packet, then the packet is sent to a TLS Record Layer
Security Processing Engine 16 withinComms Processor 12, viainterface 210. If the packet is not a TLS packet, it will be processed by a separate security processing engine (not shown) that is compatible with the packet type. TLS Record LayerSecurity Processing Engine 16 will verify that the protocol headers are consistent, prior to sending the packet for decryption. - The packet then is sent via
interface 211 to theSecurity Processing Engine 17, which is the same security processing engine as was used by the Wireless frame security processing. TheSecurity Processing Engine 17 uses the TLS Security Associations from theSecurity Associations Cache 13. After the packet has been processed for the TLS security, including decrypting the packet and performing a message authentication check, the processed packet is sent back to the TLS RecordLayer Security Engine 16 viainterface 212. - The entire decrypted wireless frame is passed to the wireless driver, e.g., the 802.11
driver 22, viainterface 213. The 802.11driver 22 performs more frame processing—e.g., by processing any fields that need to be verified. Such field verification may include checking protocol field values, etc., and then passing the frame for upper layer protocol processing. The 802.11driver 22,wireless client 3 andAP 5 use Robust Security Network Association (RSNA)Capability Negotiation 23 as the mechanism to negotiate security parameters such as ciphers, the type of authentication to use, the type of keys to derive, etc. Other wireless drivers, e.g., the 802.16driver 24, will also have asecurity capability negotiation 25 performing similar functions asRSNA Capability Negotiation 23. - The wireless packet then is sent to a TCP/
IP Network Processor 21, viainterface 214, for upper layer processing. The TLS stack will get this packet and forward it to the upper application (e.g. a browser). The TLS stack ofwireless client 3 may be implemented in the TCP/IP Network Processor 21, or it may be implemented in a separate processor. - It will be understood that embodiments described herein may be expanded to include the ciphers used in 802.16 (AES-CCM), 3G, LTE and other wireless technologies in the link used by the TLS Security protocol. For instance, if 802.16 wireless technology is used, then the TLS Record
Layer Security Engine 16 will send an entire decrypted frame to the 802.16 driver, viainterface 213 a. The wireless packet would then be sent to the TCP/IP Network Processor 21 (interface not shown inFIG. 2 ) for upper layer processing. -
FIG. 3 illustrates the protocol message flows, according to embodiments of the invention. Thewireless client 3 andTLS Server 2 negotiate and use the security processing algorithms in the TLS security protocol, which are used for the wireless 802.11/802.16 layer-2 frame processing. - The protocol is described for the TLS protocol, but can be extended to use IETF IPsec and other transport layer security protocols. Ciphers usable with this embodiment include, but are not limited to AES-CCM-128, AES-CCM-192, AES-CCM-256, and any combination of these ciphers with other asymmetric authentication algorithms such as RSA, Diffie-Hellman, DSA, etc. For instance, an AES-CCM cipher may be used for encryption, and one of the other asymmetric authentication algorithms (e.g., RSA, Diffie-Hellman, etc.) used for entity authentication. Encryption, Message Integrity/Authentication, entity authentication, and replay protection are important parts of security. Algorithms that may be chosen are configured by a Security Administrator, depending on their Security Policy.
- Referring to
FIG. 3 , first the WNIC in thewireless client 3 will propagate to the TLS stack inTLS Server 2, viamessage 301, the wireless cryptographic algorithms negotiated as part of the 802.11 RSNA Security handshake. Typically, the handshake (i.e., “negotiation”) includes the receiver and sender sending all their supported security parameters to each other via handshake messages. The sender and receiver then pick the most preferred of all options (as listed in order of priority) and convey that to each other. - The TLS client stack within
wireless client 3 will use the layer-2 cipher as the highest priority security option to theTLS server 2, when establishing a communication session via a TLS-Client-Hello message 301 or equivalent. Alternatively, the layer-2 cipher may be the only priority security option available to theTLS server 2, as determined during handshaking. -
TLS Server 2 accepts this security cipher option for use in the subsequent TLS Security session. This is done by theTLS Server 2 indicating its consent in the TLS-Server-Hello message 302. After consent, theTLS Server 2 sends its security credentials to thewireless client 3 viamessage 303, and thewireless client 3 optionally can send its security credentials to theTLS server 2 viamessages 309. Exchange of security credentials is accomplished by the Certificate and ServerKeyExchange messages, which are part of the TLS protocol. - The
wireless client 3 andTLS Server 2 compute the TLS Session keys for the negotiated cipher (e.g., the AES-CCM-128 algorithm). Thewireless client 3 sends theChangeCipherSpec message 304 to theTLS Server 2 to indicate setting the AES-CCM-128 security associations. TheTLS Server 2 responds by sending theChangeCipherSpec message 306 to thewireless client 3 to indicate setting its corresponding AES-CCM-128 security associations. - The
wireless client 3 then sends the TLS-Finished message 305 to theTLS Server 2, which is encrypted with the same cipher suite as the wireless security (e.g., AES-CCM-128). TheTLS Server 2 then sends a TLS-Finished message 307 to thewireless client 3 encrypted with the same cipher suite and keys, negotiated with the client (e.g., AES-CCM-128). The ChangeCipherSpec message and TLS-Finished message are known as part of the TLS protocol. After the same ciphers are set in thewireless client 3 and theTLS Server 2,messages 308 protected by the cipher may be exchanged. -
FIG. 4 illustrates the new TLS message formats used to implement embodiments of the invention. The illustrated messages include new or modified fields that would be added to the TLS protocol standard. -
Client Hello message 401 has been modified by way of inserting one ormore fields 401 a that indicate the security algorithms that were negotiated by the wireless link layer protocol. -
Server Hello message 402 has been modified by way of insertingfield 402 a, which indicates the security algorithms that are proposed by thewireless client 3 in order of priority, if configured per the security policy ofTLS Server 2. - TLS Protected
Payload message 403 has been modified by way of insertingfield 403 a, which indicates the AES-CCM security protocol parameters like the packet number, Nonce value and Key Identifier. A new packet number is used for each new packet, and a new Nonce value has to be computed for each packet. - TLS Protected
Payload message 403 forms part of the WLAN ProtectedPayload message 404. No new modification is needed for WLAN Protectedpayload message 404 besides normal layer-2 (e.g., 802.11) security processing with the specific cipher selected (e.g., AES-CCM). If other ciphers are used, for instance AES-GCM, thenmessage 404 needs to be secured using the AES-GCM cipher. -
FIG. 4 also shows the encrypted and integrity protectedpayload 405 within the TLS ProtectedPayload message 403 for TLS protocol security and the encrypted and integrity protectedpayload 406 within the WLAN ProtectedPayload message 404 for layer-2 (e.g., 802.11) security. Integrity protection is implemented in the Message Integrity Code (MIC) field.FIG. 4 also shows fields containing an identifier (e.g., the Cipher-ID) of the AES-CCM security algorithm to be used during negotiation in Client Hello and Server Hello messages, and the AES-CCM parameters to be delivered in the data payload. - There is little distinction left between hardware and software implementations of aspects of systems; the use of hardware or software is generally (but not always, in that in certain contexts the choice between hardware and software can become significant) a design choice representing cost vs. efficiency tradeoffs. There are various vehicles by which processes and/or systems and/or other technologies described herein can be effected (e.g., hardware, software, and/or firmware), and that the preferred vehicle will vary with the context in which the processes and/or systems and/or other technologies are deployed. For example, if an implementer determines that speed and accuracy are paramount, the implementer may opt for a mainly hardware and/or firmware vehicle; if flexibility is paramount, the implementer may opt for a mainly software implementation; or, yet again alternatively, the implementer may opt for some combination of hardware, software, and/or firmware.
- The foregoing detailed description has set forth various embodiments of the devices and/or processes via the use of block diagrams, flowcharts, and/or examples. Insofar as such block diagrams, flowcharts, and/or examples contain one or more functions and/or operations, it will be understood by those within the art that each function and/or operation within such block diagrams, flowcharts, or examples can be implemented, individually and/or collectively, by a wide range of hardware, software, firmware, or virtually any combination thereof. In one embodiment, several portions of the subject matter described herein may be implemented via Application Specific Integrated Circuits (ASICs), Field Programmable Gate Arrays (FPGAs), digital signal processors (DSPs), or other integrated formats. However, those skilled in the art will recognize that some aspects of the embodiments disclosed herein, in whole or in part, can be equivalently implemented in integrated circuits, as one or more computer programs running on one or more computers (e.g., as one or more programs running on one or more computer systems), as one or more programs running on one or more processors (e.g., as one or more programs running on one or more microprocessors), as firmware, or as virtually any combination thereof, and that designing the circuitry and/or writing the code for the software and or firmware would be well within the skill of one of skill in the art in light of this disclosure. In addition, those skilled in the art will appreciate that the mechanisms of the subject matter described herein are capable of being distributed as a program product in a variety of forms, and that an illustrative embodiment of the subject matter described herein applies regardless of the particular type of signal bearing medium used to actually carry out the distribution. Examples of a signal bearing medium include, but are not limited to, the following: a recordable type medium such as a floppy disk, a hard disk drive, a Compact Disc (CD), a Digital Video Disk (DVD), a digital tape, a computer memory, etc.; and a transmission type medium such as a digital and/or an analog communication medium (e.g., a fiber optic cable, a waveguide, a wired communications link, a wireless communication link, etc.).
- Those skilled in the art will recognize that it is common within the art to describe devices and/or processes in the fashion set forth herein, and thereafter use engineering practices to integrate such described devices and/or processes into data processing systems. That is, at least a portion of the devices and/or processes described herein can be integrated into a data processing system via a reasonable amount of experimentation. Those having skill in the art will recognize that a typical data processing system generally includes one or more of a system unit housing, a video display device, a memory such as volatile and non-volatile memory, processors such as microprocessors and digital signal processors, computational entities such as operating systems, drivers, graphical user interfaces, and applications programs, one or more interaction devices, such as a touch pad or screen, and/or control systems including feedback loops and control motors (e.g., feedback for sensing position and/or velocity; control motors for moving and/or adjusting components and/or quantities). A typical data processing system may be implemented utilizing any suitable commercially available components, such as those typically found in data computing/communication and/or network computing/communication systems.
- The herein described subject matter sometimes illustrates different components contained within, or connected with, different other components. It is to be understood that such depicted architectures are merely exemplary, and that in fact many other architectures can be implemented which achieve the same functionality. In a conceptual sense, any arrangement of components to achieve the same functionality is effectively “associated” such that the desired functionality is achieved. Hence, any two components herein combined to achieve a particular functionality can be seen as “associated with” each other such that the desired functionality is achieved, irrespective of architectures or intermedial components. Likewise, any two components so associated can also be viewed as being “operably connected”, or “operably coupled”, to each other to achieve the desired functionality, and any two components capable of being so associated can also be viewed as being “operably couplable”, to each other to achieve the desired functionality. Specific examples of operably couplable include but are not limited to physically mateable and/or physically interacting components and/or wirelessly interactable and/or wirelessly interacting components and/or logically interacting and/or logically interactable components.
- With respect to the use of substantially any plural and/or singular terms herein, those having skill in the art can translate from the plural to the singular and/or from the singular to the plural as is appropriate to the context and/or application. The various singular/plural permutations may be expressly set forth herein for sake of clarity.
- It will be understood by those within the art that, in general, terms used herein, and especially in the appended claims (e.g., bodies of the appended claims) are generally intended as “open” terms (e.g., the term “including” should be interpreted as “including but not limited to,” the term “having” should be interpreted as “having at least,” the term “includes” should be interpreted as “includes but is not limited to,” etc.). It will be further understood by those within the art that if a specific number of an introduced claim recitation is intended, such an intent will be explicitly recited in the claim, and in the absence of such recitation no such intent is present. For example, as an aid to understanding, the following appended claims may contain usage of the introductory phrases “at least one” and “one or more” to introduce claim recitations. However, the use of such phrases should not be construed to imply that the introduction of a claim recitation by the indefinite articles “a” or “an” limits any particular claim containing such introduced claim recitation to inventions containing only one such recitation, even when the same claim includes the introductory phrases “one or more” or “at least one” and indefinite articles such as “a” or “an” (e.g., “a” and/or “an” should typically be interpreted to mean “at least one” or “one or more”); the same holds true for the use of definite articles used to introduce claim recitations. In addition, even if a specific number of an introduced claim recitation is explicitly recited, those skilled in the art will recognize that such recitation should typically be interpreted to mean at least the recited number (e.g., the re recitation of “two recitations,” without other modifiers, typically means at least two recitations, or two or more recitations). Furthermore, in those instances where a convention analogous to “at least one of A, B and C,” etc. is used, in general such a construction is intended in the sense one having skill in the art would understand the convention (e.g., “a system having at least one of A, B and C” would include but not be limited to systems that have A alone, B alone, C alone, A and B together, A and C together, B and C together, and/or A, B and C together, etc.). In those instances where a convention analogous to “at least one of A, B or C, etc.” is used, in general such a construction is intended in the sense one having skill in the art would understand the convention (e.g., “a system having at least one of A, B, or C” would include but not be limited to systems that have A alone, B alone, C alone, A and B together, A and C together, B and C together, and/or A, B and C together, etc.). It will be further understood by those within the art that virtually any disjunctive word and/or phrase presenting two or more alternative terms, whether in the description, claims, or drawings, should be understood to contemplate the possibilities of including one of the terms, either of the terms, or both terms. For example, the phrase “A or B” will be understood to include the possibilities of “A” or “B” or “A and B.”
- All references, including but not limited to patents, patent applications, and non-patent literature are hereby incorporated by reference herein in their entirety.
- While various aspects and embodiments have been disclosed herein, other aspects and embodiments will be apparent to those skilled in the art. The various aspects and embodiments disclosed herein are for purposes of illustration and are not intended to be limiting, with the true scope and spirit being indicated by the following claims.
- This application may disclose several numerical range limitations that support any range within the disclosed numerical ranges even though a precise range limitation is not stated verbatim in the specification because the embodiments of the invention could be practiced throughout the disclosed numerical ranges. Finally, the entire disclosure of the patents and publications referred in this application, if any, are hereby incorporated herein in entirety by reference.
Claims (21)
Priority Applications (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US12/343,119 US8769257B2 (en) | 2008-12-23 | 2008-12-23 | Method and apparatus for extending transport layer security protocol for power-efficient wireless security processing |
JP2009286993A JP2010158006A (en) | 2008-12-23 | 2009-12-17 | Method for expanding security protocol of transport layer for improving power efficiency in radio security process |
EP09180017A EP2203007A1 (en) | 2008-12-23 | 2009-12-18 | System and method |
CN2009102659648A CN101778382B (en) | 2008-12-23 | 2009-12-22 | Apparatus, method and system for extending transport layer security protocol for power-efficient wireless security processing |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US12/343,119 US8769257B2 (en) | 2008-12-23 | 2008-12-23 | Method and apparatus for extending transport layer security protocol for power-efficient wireless security processing |
Publications (2)
Publication Number | Publication Date |
---|---|
US20100161959A1 true US20100161959A1 (en) | 2010-06-24 |
US8769257B2 US8769257B2 (en) | 2014-07-01 |
Family
ID=42079136
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US12/343,119 Expired - Fee Related US8769257B2 (en) | 2008-12-23 | 2008-12-23 | Method and apparatus for extending transport layer security protocol for power-efficient wireless security processing |
Country Status (4)
Country | Link |
---|---|
US (1) | US8769257B2 (en) |
EP (1) | EP2203007A1 (en) |
JP (1) | JP2010158006A (en) |
CN (1) | CN101778382B (en) |
Cited By (22)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20120311348A1 (en) * | 2011-06-03 | 2012-12-06 | Kevin Joel Osugi | Method and System for Embedded High Performance Reconfigurable Firmware Cipher |
US20130191635A1 (en) * | 2009-11-26 | 2013-07-25 | Kabushiki Ksisha Toshiba | Wireless authentication terminal |
CN103402202A (en) * | 2013-08-20 | 2013-11-20 | 武汉虹信通信技术有限责任公司 | Terminal access limiting method based on 802.11 protocol in WLAN (wireless local area network) |
US20140136853A1 (en) * | 2012-11-14 | 2014-05-15 | Fujitsu Limited | Apparatus and method for performing different cryptographic algorithms in a communication system |
US20140153723A1 (en) * | 2012-06-01 | 2014-06-05 | Georgia Tech Research Corporation | System for providing physical layer security |
WO2016007333A1 (en) * | 2014-07-09 | 2016-01-14 | Seven Networks, Inc. | Secure handling of secure socket layer ("ssl") traffic |
US20160112454A1 (en) * | 2014-10-20 | 2016-04-21 | Samsung Electronics Co., Ltd. | Electronic device and method for data communication |
WO2018045590A1 (en) | 2016-09-12 | 2018-03-15 | Telefonaktiebolaget Lm Ericsson (Publ) | A method for secure link layer connection over wireless local area networks |
US10110573B2 (en) | 2010-07-08 | 2018-10-23 | Texas Instruments Incorporated | Packet-processing with CPPI DMA streaming interface ingress and egress ports |
US20190132801A1 (en) * | 2017-10-30 | 2019-05-02 | Dexcom, Inc. | Diabetes management partner interface for wireless communication of analyte data |
WO2020118007A1 (en) * | 2018-12-05 | 2020-06-11 | Akamai Technologies, Inc. | High performance distributed system of record with secure interoperability to external systems |
US10764328B2 (en) | 2017-11-03 | 2020-09-01 | International Business Machines Corporation | Altering cipher and key within an established session |
US10775871B2 (en) | 2016-11-10 | 2020-09-15 | Apple Inc. | Methods and apparatus for providing individualized power control for peripheral sub-systems |
US10789198B2 (en) * | 2018-01-09 | 2020-09-29 | Apple Inc. | Methods and apparatus for reduced-latency data transmission with an inter-processor communication link between independently operable processors |
US10841880B2 (en) | 2016-01-27 | 2020-11-17 | Apple Inc. | Apparatus and methods for wake-limiting with an inter-device communication link |
US10846237B2 (en) | 2016-02-29 | 2020-11-24 | Apple Inc. | Methods and apparatus for locking at least a portion of a shared memory resource |
US10845868B2 (en) | 2014-10-08 | 2020-11-24 | Apple Inc. | Methods and apparatus for running and booting an inter-processor communication link between independently operable processors |
US10853272B2 (en) | 2016-03-31 | 2020-12-01 | Apple Inc. | Memory access protection apparatus and methods for memory mapped access between independently operable processors |
US20210250351A1 (en) * | 2020-02-07 | 2021-08-12 | Continental Teves Ag & Co. Ohg | Authentication Method |
US11176064B2 (en) | 2018-05-18 | 2021-11-16 | Apple Inc. | Methods and apparatus for reduced overhead data transfer with a shared ring buffer |
EP4221084A1 (en) * | 2022-01-28 | 2023-08-02 | Avago Technologies International Sales Pte. Limited | A high performance architecture for converged network and security systems and appliances |
US11809258B2 (en) | 2016-11-10 | 2023-11-07 | Apple Inc. | Methods and apparatus for providing peripheral sub-system stability |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8588088B2 (en) * | 2010-11-01 | 2013-11-19 | Alcatel Lucent | Content based VLAN classification and framework for ethernet network to support content based bridging |
US11246028B2 (en) | 2019-03-14 | 2022-02-08 | Cisco Technology, Inc. | Multiple authenticated identities for a single wireless association |
US11133698B2 (en) | 2019-09-01 | 2021-09-28 | Wen Cai | Wireless charging systems and methods for controlling the same |
Citations (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040098588A1 (en) * | 2002-11-19 | 2004-05-20 | Toshiba America Research, Inc. | Interlayer fast authentication or re-authentication for network communication |
US20050165953A1 (en) * | 2004-01-22 | 2005-07-28 | Yoshihiro Oba | Serving network selection and multihoming using IP access network |
US20070022289A1 (en) * | 2005-07-20 | 2007-01-25 | Mci, Inc. | Method and system for providing secure credential storage to support interdomain traversal |
US20070019622A1 (en) * | 2005-07-20 | 2007-01-25 | Mci, Inc. | Method and system for providing secure communications between proxy servers in support of interdomain traversal |
US20070043940A1 (en) * | 2005-08-22 | 2007-02-22 | Alcatel | Mechanism to avoid expensive double-encryption in mobile networks |
US20070206537A1 (en) * | 2006-03-06 | 2007-09-06 | Nancy Cam-Winget | System and method for securing mesh access points in a wireless mesh network, including rapid roaming |
US20070258414A1 (en) * | 2004-03-02 | 2007-11-08 | Hong Cheng | System and Method for Negotiation of Wlan Entity |
US20080101598A1 (en) * | 2006-11-01 | 2008-05-01 | Microsoft Corporation | Separating Control and Data Operations to Support Secured Data Transfers |
US20080183883A1 (en) * | 2001-04-05 | 2008-07-31 | Qualcomm Incorporated | Method and system to accelerate cryptographic functions for secure e-commerce applications |
US20080189784A1 (en) * | 2004-09-10 | 2008-08-07 | The Regents Of The University Of California | Method and Apparatus for Deep Packet Inspection |
US20080253395A1 (en) * | 2002-06-11 | 2008-10-16 | Pandya Ashish A | Tcp/ip processor and engine using rdma |
US20100161958A1 (en) * | 2005-06-22 | 2010-06-24 | Seok-Heon Cho | Device for Realizing Security Function in Mac of Portable Internet System and Authentication Method Using the Device |
US7920549B2 (en) * | 2005-07-20 | 2011-04-05 | Verizon Business Global Llc | Method and system for providing secure media gateways to support interdomain traversal |
Family Cites Families (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
MXPA04010624A (en) * | 2002-04-26 | 2004-12-13 | Thomson Licensing Sa | Transitive authentication authorization accounting in interworking between access networks. |
JP3964338B2 (en) * | 2003-03-07 | 2007-08-22 | 株式会社エヌ・ティ・ティ・ドコモ | Communication network system, communication terminal, authentication device, authentication server, and electronic authentication method |
US20050160161A1 (en) | 2003-12-29 | 2005-07-21 | Nokia, Inc. | System and method for managing a proxy request over a secure network using inherited security attributes |
US7877595B2 (en) * | 2004-03-23 | 2011-01-25 | Harris Corporation | Modular cryptographic device and related methods |
EP1810472A1 (en) * | 2004-10-21 | 2007-07-25 | NTT DoCoMo, Inc. | Method and adapted terminal device for secure session transfer |
JP2006140958A (en) | 2004-11-15 | 2006-06-01 | Matsushita Electric Ind Co Ltd | Packet controller and packet control method |
JP4629533B2 (en) * | 2005-08-22 | 2011-02-09 | 日立オートモティブシステムズ株式会社 | Hydraulic pressure control device and manufacturing method thereof |
JP2007116509A (en) | 2005-10-21 | 2007-05-10 | Nec Corp | Communication terminal, program, communication system, and method for outputting security information |
CN101379853B (en) * | 2006-02-22 | 2013-03-27 | 日本电气株式会社 | Radio access system and radio access method |
KR100973118B1 (en) * | 2006-08-21 | 2010-07-29 | 콸콤 인코포레이티드 | Method and apparatus for internetworkig authorization of dual stack operation |
US8578159B2 (en) * | 2006-09-07 | 2013-11-05 | Motorola Solutions, Inc. | Method and apparatus for establishing security association between nodes of an AD HOC wireless network |
US8533454B2 (en) * | 2006-09-25 | 2013-09-10 | Qualcomm Incorporated | Method and apparatus having null-encryption for signaling and media packets between a mobile station and a secure gateway |
JP5032582B2 (en) * | 2006-11-16 | 2012-09-26 | テレフオンアクチーボラゲット エル エム エリクソン(パブル) | Gateway selection mechanism |
EP1947819A1 (en) * | 2007-01-18 | 2008-07-23 | Matsushita Electric Industrial Co., Ltd. | Header reduction of data packets by route optimization procedure |
EP1956755A1 (en) * | 2007-02-08 | 2008-08-13 | Matsushita Electric Industrial Co., Ltd. | Network controlled overhead reduction of data packets by route optimization procedure |
JP4386926B2 (en) | 2007-02-16 | 2009-12-16 | 富士通株式会社 | Encryption communication program, encryption communication method, and encryption communication apparatus |
JP4362138B2 (en) | 2007-03-14 | 2009-11-11 | 日本電信電話株式会社 | COMMUNICATION CONNECTION SELECTION DEVICE, METHOD, AND PROGRAM |
JPWO2008146395A1 (en) * | 2007-05-31 | 2010-08-12 | パナソニック株式会社 | Network relay device, communication terminal, and encrypted communication method |
-
2008
- 2008-12-23 US US12/343,119 patent/US8769257B2/en not_active Expired - Fee Related
-
2009
- 2009-12-17 JP JP2009286993A patent/JP2010158006A/en active Pending
- 2009-12-18 EP EP09180017A patent/EP2203007A1/en not_active Withdrawn
- 2009-12-22 CN CN2009102659648A patent/CN101778382B/en not_active Expired - Fee Related
Patent Citations (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20080183883A1 (en) * | 2001-04-05 | 2008-07-31 | Qualcomm Incorporated | Method and system to accelerate cryptographic functions for secure e-commerce applications |
US20080253395A1 (en) * | 2002-06-11 | 2008-10-16 | Pandya Ashish A | Tcp/ip processor and engine using rdma |
US20040098588A1 (en) * | 2002-11-19 | 2004-05-20 | Toshiba America Research, Inc. | Interlayer fast authentication or re-authentication for network communication |
US20050165953A1 (en) * | 2004-01-22 | 2005-07-28 | Yoshihiro Oba | Serving network selection and multihoming using IP access network |
US20070258414A1 (en) * | 2004-03-02 | 2007-11-08 | Hong Cheng | System and Method for Negotiation of Wlan Entity |
US20080189784A1 (en) * | 2004-09-10 | 2008-08-07 | The Regents Of The University Of California | Method and Apparatus for Deep Packet Inspection |
US20100161958A1 (en) * | 2005-06-22 | 2010-06-24 | Seok-Heon Cho | Device for Realizing Security Function in Mac of Portable Internet System and Authentication Method Using the Device |
US20070019622A1 (en) * | 2005-07-20 | 2007-01-25 | Mci, Inc. | Method and system for providing secure communications between proxy servers in support of interdomain traversal |
US20070022289A1 (en) * | 2005-07-20 | 2007-01-25 | Mci, Inc. | Method and system for providing secure credential storage to support interdomain traversal |
US7920549B2 (en) * | 2005-07-20 | 2011-04-05 | Verizon Business Global Llc | Method and system for providing secure media gateways to support interdomain traversal |
US20070043940A1 (en) * | 2005-08-22 | 2007-02-22 | Alcatel | Mechanism to avoid expensive double-encryption in mobile networks |
US20070206537A1 (en) * | 2006-03-06 | 2007-09-06 | Nancy Cam-Winget | System and method for securing mesh access points in a wireless mesh network, including rapid roaming |
US20110264915A1 (en) * | 2006-03-06 | 2011-10-27 | Nancy Cam-Winget | System and method for securing mesh access points in a wireless mesh network, including rapid roaming |
US20080101598A1 (en) * | 2006-11-01 | 2008-05-01 | Microsoft Corporation | Separating Control and Data Operations to Support Secured Data Transfers |
Non-Patent Citations (2)
Title |
---|
"An FPGA-based AES-CCM Crypto Core For IEEE 802.11i Architecture" (Sept. 2007) by Arshad Aziz and Nassar Ikram; International Journal of Network Security, Vol.5, No.2, PP.224-232 of (9 pages total); originally downloaded from http://ijns.femto.com.tw/contents/ijns-v5-n2/ijns-2007-v5-n2-p224-232.pdf * |
NPL "How TLS protocol works" (January 22, 2007) by Paul Szymanski; 3 pages; converted to PDF originally from http://www.networkworld.com/news/2007/011807-tls3.html * |
Cited By (35)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20130191635A1 (en) * | 2009-11-26 | 2013-07-25 | Kabushiki Ksisha Toshiba | Wireless authentication terminal |
US10110573B2 (en) | 2010-07-08 | 2018-10-23 | Texas Instruments Incorporated | Packet-processing with CPPI DMA streaming interface ingress and egress ports |
US10999263B2 (en) | 2010-07-08 | 2021-05-04 | Texas Instruments Incorporated | Cryptographic engine, scheduler, packet header processor, ingress interfaces, and buffers |
US10567358B2 (en) | 2010-07-08 | 2020-02-18 | Texas Instruments Incorporated | Packet accelerator ingress communication processor peripheral streaming interface, scheduler, buffer |
US20120311348A1 (en) * | 2011-06-03 | 2012-12-06 | Kevin Joel Osugi | Method and System for Embedded High Performance Reconfigurable Firmware Cipher |
US8707051B2 (en) * | 2011-06-03 | 2014-04-22 | Exelis, Inc. | Method and system for embedded high performance reconfigurable firmware cipher |
US20140153723A1 (en) * | 2012-06-01 | 2014-06-05 | Georgia Tech Research Corporation | System for providing physical layer security |
US9411968B2 (en) * | 2012-11-14 | 2016-08-09 | Fujitsu Limited | Apparatus and method for performing different cryptographic algorithms in a communication system |
US20140136853A1 (en) * | 2012-11-14 | 2014-05-15 | Fujitsu Limited | Apparatus and method for performing different cryptographic algorithms in a communication system |
CN103402202B (en) * | 2013-08-20 | 2016-03-16 | 武汉虹信通信技术有限责任公司 | Based on the terminal access restriction method of 802.11 agreements in WLAN |
CN103402202A (en) * | 2013-08-20 | 2013-11-20 | 武汉虹信通信技术有限责任公司 | Terminal access limiting method based on 802.11 protocol in WLAN (wireless local area network) |
WO2016007333A1 (en) * | 2014-07-09 | 2016-01-14 | Seven Networks, Inc. | Secure handling of secure socket layer ("ssl") traffic |
US10845868B2 (en) | 2014-10-08 | 2020-11-24 | Apple Inc. | Methods and apparatus for running and booting an inter-processor communication link between independently operable processors |
US20160112454A1 (en) * | 2014-10-20 | 2016-04-21 | Samsung Electronics Co., Ltd. | Electronic device and method for data communication |
US10841880B2 (en) | 2016-01-27 | 2020-11-17 | Apple Inc. | Apparatus and methods for wake-limiting with an inter-device communication link |
US10846237B2 (en) | 2016-02-29 | 2020-11-24 | Apple Inc. | Methods and apparatus for locking at least a portion of a shared memory resource |
US10853272B2 (en) | 2016-03-31 | 2020-12-01 | Apple Inc. | Memory access protection apparatus and methods for memory mapped access between independently operable processors |
WO2018045590A1 (en) | 2016-09-12 | 2018-03-15 | Telefonaktiebolaget Lm Ericsson (Publ) | A method for secure link layer connection over wireless local area networks |
EP3510803A4 (en) * | 2016-09-12 | 2020-03-25 | Telefonaktiebolaget LM Ericsson (publ) | A method for secure link layer connection over wireless local area networks |
US11388145B2 (en) * | 2016-09-12 | 2022-07-12 | Telefonaktiebolaget Lm Ericsson (Publ) | Tunneling data traffic and signaling over secure etls over wireless local area networks |
US11809258B2 (en) | 2016-11-10 | 2023-11-07 | Apple Inc. | Methods and apparatus for providing peripheral sub-system stability |
US10775871B2 (en) | 2016-11-10 | 2020-09-15 | Apple Inc. | Methods and apparatus for providing individualized power control for peripheral sub-systems |
US20190132801A1 (en) * | 2017-10-30 | 2019-05-02 | Dexcom, Inc. | Diabetes management partner interface for wireless communication of analyte data |
US10979431B2 (en) * | 2017-10-30 | 2021-04-13 | Dexcom, Inc. | Diabetes management partner interface for wireless communication of analyte data |
US11818133B2 (en) | 2017-10-30 | 2023-11-14 | Dexcom, Inc. | Diabetes management partner interface for wireless communication of analyte data |
US11153317B2 (en) | 2017-10-30 | 2021-10-19 | Dexcom, Inc. | Diabetes management partner interface for wireless communication of analyte data |
US11363025B2 (en) | 2017-10-30 | 2022-06-14 | Dexcom, Inc. | Diabetes management partner interface for wireless communication of analyte data |
US10764328B2 (en) | 2017-11-03 | 2020-09-01 | International Business Machines Corporation | Altering cipher and key within an established session |
US10789198B2 (en) * | 2018-01-09 | 2020-09-29 | Apple Inc. | Methods and apparatus for reduced-latency data transmission with an inter-processor communication link between independently operable processors |
US11176064B2 (en) | 2018-05-18 | 2021-11-16 | Apple Inc. | Methods and apparatus for reduced overhead data transfer with a shared ring buffer |
WO2020118007A1 (en) * | 2018-12-05 | 2020-06-11 | Akamai Technologies, Inc. | High performance distributed system of record with secure interoperability to external systems |
US11483347B2 (en) | 2018-12-05 | 2022-10-25 | Akamai Technologies, Inc. | High performance distributed system of record with secure interoperability to external systems |
US11533310B2 (en) * | 2020-02-07 | 2022-12-20 | Continental Teves Ag & Co. Ohg | Authentication method |
US20210250351A1 (en) * | 2020-02-07 | 2021-08-12 | Continental Teves Ag & Co. Ohg | Authentication Method |
EP4221084A1 (en) * | 2022-01-28 | 2023-08-02 | Avago Technologies International Sales Pte. Limited | A high performance architecture for converged network and security systems and appliances |
Also Published As
Publication number | Publication date |
---|---|
JP2010158006A (en) | 2010-07-15 |
EP2203007A1 (en) | 2010-06-30 |
CN101778382B (en) | 2013-10-30 |
CN101778382A (en) | 2010-07-14 |
US8769257B2 (en) | 2014-07-01 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8769257B2 (en) | Method and apparatus for extending transport layer security protocol for power-efficient wireless security processing | |
TWI388180B (en) | Key generation in a communication system | |
US7921463B2 (en) | Methods and apparatus for providing an insertion and integrity protection system associated with a wireless communication platform | |
US7826427B2 (en) | Method for secure transfer of data to a wireless device for enabling multi-network roaming | |
US8538023B2 (en) | Methods and apparatuses for administrator-driven profile update | |
US11658949B2 (en) | Secure publish-subscribe communication methods and apparatus | |
US11736304B2 (en) | Secure authentication of remote equipment | |
JP5600214B2 (en) | Wireless device privacy control | |
US8601103B2 (en) | Method, apparatus and system for distributing and enforcing authenticated network connection policy | |
EP3308519B1 (en) | System, apparatus and method for transferring ownership of a device from manufacturer to user using an embedded resource | |
US8302183B2 (en) | Apparatus and method of security identity checker | |
US9219709B2 (en) | Multi-wrapped virtual private network | |
WO2017092504A1 (en) | Router with hardware encryption/decryption function and encryption/decryption method thereof | |
US20060039339A1 (en) | Method and system for automatic registration security | |
WO2023280194A1 (en) | Network connection management method and apparatus, readable medium, program product, and electronic device | |
WO2016003311A1 (en) | Device bootstrap to wireless network | |
WO2010023506A1 (en) | Methods, apparatuses, computer program products, and systems for providing secure pairing and association for wireless devices | |
WO2023020164A1 (en) | Method and apparatus for managing communication channel | |
US11652910B2 (en) | Data transmission method, device, and system | |
CN114301613B (en) | Method and device for secure communication | |
CN104335621A (en) | Association identifier communication device and association identifier communication method | |
CN108990052B (en) | Method for detecting WPA2 protocol vulnerability | |
Jinlong et al. | A Hybrid Transmission System Based on NFC-Enabled Mobile Phones. | |
TW202329671A (en) | Wireless communication device and wireless communication method able to verify vendor information | |
Pavan | An Encrypted MAC for the Authentication Process in WSN |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: INTEL CORPORATION,CALIFORNIA Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:SOOD, KAPIL;REEL/FRAME:023205/0916 Effective date: 20090908 Owner name: INTEL CORPORATION, CALIFORNIA Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:SOOD, KAPIL;REEL/FRAME:023205/0916 Effective date: 20090908 |
|
FEPP | Fee payment procedure |
Free format text: PAYOR NUMBER ASSIGNED (ORIGINAL EVENT CODE: ASPN); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY |
|
STCF | Information on status: patent grant |
Free format text: PATENTED CASE |
|
FEPP | Fee payment procedure |
Free format text: MAINTENANCE FEE REMINDER MAILED (ORIGINAL EVENT CODE: REM.) |
|
LAPS | Lapse for failure to pay maintenance fees |
Free format text: PATENT EXPIRED FOR FAILURE TO PAY MAINTENANCE FEES (ORIGINAL EVENT CODE: EXP.); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY |
|
STCH | Information on status: patent discontinuation |
Free format text: PATENT EXPIRED DUE TO NONPAYMENT OF MAINTENANCE FEES UNDER 37 CFR 1.362 |
|
FP | Lapsed due to failure to pay maintenance fee |
Effective date: 20220701 |